Privacy Policy

Last updated: May 7, 2026

Quay is currently in early access. When you use Quay we store your account information (managed via our auth provider, Clerk), the Notion workspace you connect, the REST API source configurations and pipeline definitions you create, and the run history, schema snapshots, and data snapshots produced when your pipelines execute. We do not sell, share, or use your data for any purpose other than operating the service for you.

Sensitive credentials — your Notion OAuth tokens and the auth secrets for any REST API sources you connect — are encrypted at rest in our database using Fernet symmetric encryption. The Notion records and schemas Quay reads or writes during pipeline runs are stored as JSON in our managed PostgreSQL database; we do not currently apply field-level encryption to that record content. Access to all of your data is scoped to members of your workspace and enforced at the API layer, and our membership checks return 404 (not 403) for non-members so that resources cannot be enumerated across tenants.

To request export or deletion of your data, or for any other privacy questions, email us at hello@usequay.com and we'll respond within a few business days.